#MBLTDev 2014 through the eyes of a simple iOS developer from Tinkoff Bank
Moscow • October 28, 2014 • Digital October
Though late, I decided to share with you my impressions of visiting #MBLTDev 2014. An excellent conference, I hope, my notes will be useful to someone.
')
1. My colleague and I were a bit late for the conference due to traffic jams. About 10 minutes, Tim Messermidt (PayPal) languished in anticipation of us, but as soon as we appeared in the hall, Tim immediately pretended that the speech began a long time ago, and the audience played up to him.
Tim talked about authentication. He cited statistics, apparently based on passwords from PayPal accounts. It turns out that 91% of users specify a word from the top 1000 popular passwords as a password. Funny, of course, a fact, but so far has nothing to do with our authorization system.
All those services that require any authorization, advised not to overload the user with a complex password entry, to give the ability to display the characters of the password, in general, in every way to balance between necessity and security, without scaring the audience with unnecessary complexity. Agitated the public to say “password sucks” and advised everyone to OAuth, and registration - “unless u really really need it”.
This speech once again reminded me that the user is more like a lazy sloth who shouldn’t be strained once more, and to find out what his name is, it’s better to tell fortunes from the stars.
Total: it seems to me, it would be really cool to give the user the opportunity to log in via social networks (we have more information, he has less headache). And also show the password characters when authorizing in a mobile bank, because most often the user is authorized to be alone with himself.
Presentation: www.slideshare.net/elegion/ss-40957408
2. The next speaker was Ash Furrow (Artsy), a developer who wrote an iOS client for a 500px startup. So cheerful and cheerful, complained about the bugs of Xcode 6.
He told not only about Swift development, but about using ReactiveCocoa on Swift. In general, the idea of using ReactiveCocoa was not just soaring in the air at the conference, every speaker, who had little to say about iOS development, spoke about it. Ash had good examples, which he collected right on the stage, showing pieces of code that well complemented his performance.
At the end of the report there was a question from the conference leader: “Ash, if you were hired to develop a project, what language would you use?”, Furrow replied that ObjC is definitely for a commercial project.
Total: ReactiveCocoa on Swift is an interesting topic, but not yet for production. But ReactiveCocoa on ObjC will definitely have to try. After the upcoming releases. Swift time has not come yet.
Presentation: www.slideshare.net/elegion/2-functional-programming-in-swift-ashfurrow
3. Then a representative from VKontakte Andrei Novoselsky came on the scene with a presentation of advertising promotion of applications on the VK platform.
I was not very interested in his performance. I listened carefully, but now I can not remember something outstanding. Andrei talked about the conflict with Apple, about the upcoming release of the marketing platform and its cool features.
I remember a question from the audience: “Why do you not give us a token for the backend?”. Then I became animated. But the answer disappointed both me and the author of the question: “We have different ways of communication between servers, let's discuss it after the performance”. From the hall someone grunted displeasure: "Games on the sidelines."
Total: I learned that 60% of VK users use the service through mobile applications.
Presentation: www.slideshare.net/elegion/mbltdev
4. Ilya Slavutin, a representative of Intel, began to talk about their new mobile cross-platform framework INDE. At the very beginning of the speech, the phrase “INDE seamlessly integrates into our favorite IDE: Android studio, Eclipse and Microsoft Visual Studio” was heard. Everything. Conclusions made.
Examples (as stated in the title of the report) as such did not show. The speaker was more like a marketer than a technician. Yes, he talked about how the framework works, about C ++ piping over the native frameworks of each of the mobile platforms (iOS, Windows Phone, Android), even told about some features (for example, working with video, hardware sensors, etc. .), but iOS code examples were on ObjC.
I wrote a tweet:
To which I received the answer:
All the same, the code is different. To use this framework yet would not. The presentation was not told about those APIs that would not exist in the iOS version.
Total: I learned about Intel's attempt to create a cross-platform C ++ development tool for all platforms. But in the examples ObjC.
Presentation: www.slideshare.net/elegion/mbltdev-intel-inde
5. The next on the Digital October stage in costume and rays of spotlights was our Dmitry Tarasov (Tinkoff Bank).
The audience met him standing up, and the entire female audience looked at our mobile architect with loving eyes. Dima was great. I am sure, energetic, told about the experience of TKS.
Total: All good. By the way, before asking a question to Dmitry, a friend from the audience praised our mobile bank. Nicely. They looked at each other with the manager and broke into a smile.
Presentation: www.slideshare.net/elegion/mbltdev-40959775
6. Yury Buyanov, the Odnoklassniki developer, followed the stage. The host of the event could not resist and pinned up the hero: “Now we will learn how the application is made, which is used by our grandparents.”
I was pleasantly surprised by the performance. Yura cheerfully and confidently, with pauses, as it should, told not only what MVVM is, but also pointed out errors, cited examples with code. Visually and clearly. I started with a reminder of what standard MVC is. Turned on the first slide, and there is a photograph of a squirrel. Yuri explained the squirrel with the fact that he was simply too lazy to do a slide for MVC.
He then told MVVM that ModelView should not know anything about View, and told how this covenant is usually broken. This can be avoided with the help of the “router” pattern. The router object contains all the information about navigation between screens and navigation.
The correct behavior of the MVVM pattern, according to Yuri, is best achieved with the help of the ReactiveCocoa itself. That is, when using the signal mechanism (when objects subscribe to changes in the properties of other objects). Everywhere this ReactiveCocoa ...
At the end of the speech, the moderator commented: “It's nice to know that they know how to program in Odnoklassniki.”
Total: Yura shared the MVVM implementation errors, which I observe in my projects. There was a desire to fix it. Another desire was to try RAC.
Presentation: www.slideshare.net/elegion/mbltdev-mvvm
7. A man in a costume came out on stage (already the second in a day). He talked about security. It was Andrei Belenko (viaForensics). I immediately took a piece of paper in my mind and began to draw up a check list as he spoke.
Andrei gave examples of using NSUserDefaults as a storage for passwords (as the Moscow Parking application does). And shared a bunch of cool bugs. For example, storing private data in bare CoreData. Showed how easy it is to get user data in this case. We have all the check-list well. Private data is encrypted by an algorithm (standard) not invented by us, the encryption key is changed dynamically, if the passwords are stored in the cache, and the server addresses for testing are not included in the release build, they are cut at compile time.
Andrew suggested obfustsirovat code, talking about the features of the language ObjC. Indeed, all selectors can be seen. But it is dangerous in the case when, having connected with the debugger to the application, there is an opportunity to call a method that will return something secret to us. In Tinkoff Wallet I have no such methods. (In the example there was a method that returned a static database encryption key).
Total: we are fine. The recommendation is to use whenever possible TLS instead of SSL (certificate at the back).
Presentation: www.slideshare.net/elegion/7-mbltru
8. About the features of codesign told Ruslan Humenny (e-Legion).
The topic seemed relevant for complex CI, but for us it seemed to me that it was not of particular importance. Ruslan talked about how to sign the code and verify the signature manually. It was useful to know that there is a plugin for QuickLook that displays information about ipa-shnik. It will be necessary to download.
Total: you will need to download a convenient plugin to view ipa signature information.
Presentation: www.slideshare.net/elegion/8-codesign-for-i-os-final
9. Then Alexey Korovyansky (Mb-Lock) came out with a report on automatic testing for Android. A little listened to the report. In it, Alex told about testing tools for Android.
Total: it is very difficult to write tests, but it is possible and, probably, necessary.
10. I returned to the audience to the beginning of the speech of Ruslan Shevchuk from Aviasales.ru. Ruslan talked about Core Data. About what it is and how to use it.
In principle, the speech was similar to the Russian voice acting of the WWDC presentation. The part about iCloud was interesting, that Core Data allows you to implicitly authorize the user and, in fact, store data in the cloud. Not sure if this is suitable for our projects.
Total: Ruslan reminded everyone how to use Core Data and mentioned that you can also store this data in the cloud.
Presentation: www.slideshare.net/elegion/10-aviasales-final
11. Suddenly a man in slippers, who was sitting on the floor next to me, got up and went to the stage. It was Alexander Cherny (Indie-developer).
And he told about trilateration with the help of iBeacon. He pointedly scattered around the hall 3 beacons and walked, determined his location using an iOS application. Of course, along the way listing all the characteristics of devices, difficulties, details of calculations. His performance was very interesting due to his own charisma, and I listened to the end.
Total: Alexander told all about iBeacon, about use, with examples where it might come in handy.
Presentation: chernyy.ru/yapse/upload/trilateration-with-ibeacons.pdf
12. After a couple of Google representatives appeared - Dmitry Nefedkin and Natalia Yefimtseva. They talked about their Google Cloud platform.
For example, they said that Google servers around the world are directly connected by wires, which significantly speeds up the exchange of data between servers, and server maintenance is completely invisible, that is, there is no downtime for users. Creating back-ups for mobile clients, it is possible to generate classes that will be responsible for communication with the back-end. On the question of how they are better than Asure, they answered that "The devil is in the details."
Total: cool service, but there is a danger of strongly tied to the platform, from which then in case of anything it will be difficult to leave.
Presentation: www.slideshare.net/elegion/mbltdev-backend-google-cloud-google
13. Next was the Realm, about which Brian Münholm spoke.
As I understand it, this is a cross-platform Core Data, written in C ++, that works well, ooooochen quickly and has a very simple API (similar to Core Data, but with initialization hidden inside the stack).
Judging by the benchmarks, everything is very cool there. Need to try.
Total: it is necessary to try and evaluate already in practice. The presentation is promising.
Presentation: www.slideshare.net/elegion/mbltdev-41144735
14. Ilya Ryzhenkov told about the new language from JetBrains.
In short, JetBrains plan to release a new language - Kotlin. It looks like all the "languages of the future." Very similar to Scala and Swift. Now in Android studio you can code on Scala, which is not bad.
Ilya also talked about Google’s partnership intentions to use this language. So, I think, everything will turn out at JetBrains, and in a couple of years you can safely switch to Kotlin.
Total: Swift for Android. Ta-dam.
Presentation: www.slideshare.net/elegion/mbltdev-40960224
15. In an attempt to overcome his wild desire to start dancing, Andy Carvel, a representative of Soundcloud, stepped onto the stage.
He was constantly twitching from a surplus of emotions. Talked about how Soundcloud reworked the iOS client and used for this, again, ReactiveCocoa. In this application suffered falls. But with the help of an array of Mac mini and heaps of tests for half a year, they reduced the number of crashes to 10 per week. Well, not a bad result.
Total: damn, well, just need to try ReactiveCocoa.
Presentation: www.slideshare.net/elegion/mbltdev-ios-soundcloud
I did not listen to the next two reports.
Here are the reports that I missed:
16. Development of first-class SDK for Android. Ty Smith, Twitter.
Presentation: www.slideshare.net/elegion/mbltdev-sdk-android-twitter
17. How not to become a hostage of one platform. Alexey Panfilov. Parallels.
Presentation: www.slideshare.net/elegion/mbltdev-parallels
Thank you for reading. Many thanks to e-Legion for the photos and links to the presentations, and for the event, of course.
Until.
Though late, I decided to share with you my impressions of visiting #MBLTDev 2014. An excellent conference, I hope, my notes will be useful to someone.
')
1. My colleague and I were a bit late for the conference due to traffic jams. About 10 minutes, Tim Messermidt (PayPal) languished in anticipation of us, but as soon as we appeared in the hall, Tim immediately pretended that the speech began a long time ago, and the audience played up to him.
Tim talked about authentication. He cited statistics, apparently based on passwords from PayPal accounts. It turns out that 91% of users specify a word from the top 1000 popular passwords as a password. Funny, of course, a fact, but so far has nothing to do with our authorization system.
All those services that require any authorization, advised not to overload the user with a complex password entry, to give the ability to display the characters of the password, in general, in every way to balance between necessity and security, without scaring the audience with unnecessary complexity. Agitated the public to say “password sucks” and advised everyone to OAuth, and registration - “unless u really really need it”.
This speech once again reminded me that the user is more like a lazy sloth who shouldn’t be strained once more, and to find out what his name is, it’s better to tell fortunes from the stars.
Total: it seems to me, it would be really cool to give the user the opportunity to log in via social networks (we have more information, he has less headache). And also show the password characters when authorizing in a mobile bank, because most often the user is authorized to be alone with himself.
Presentation: www.slideshare.net/elegion/ss-40957408
2. The next speaker was Ash Furrow (Artsy), a developer who wrote an iOS client for a 500px startup. So cheerful and cheerful, complained about the bugs of Xcode 6.
He told not only about Swift development, but about using ReactiveCocoa on Swift. In general, the idea of using ReactiveCocoa was not just soaring in the air at the conference, every speaker, who had little to say about iOS development, spoke about it. Ash had good examples, which he collected right on the stage, showing pieces of code that well complemented his performance.
At the end of the report there was a question from the conference leader: “Ash, if you were hired to develop a project, what language would you use?”, Furrow replied that ObjC is definitely for a commercial project.
Total: ReactiveCocoa on Swift is an interesting topic, but not yet for production. But ReactiveCocoa on ObjC will definitely have to try. After the upcoming releases. Swift time has not come yet.
Presentation: www.slideshare.net/elegion/2-functional-programming-in-swift-ashfurrow
3. Then a representative from VKontakte Andrei Novoselsky came on the scene with a presentation of advertising promotion of applications on the VK platform.
I was not very interested in his performance. I listened carefully, but now I can not remember something outstanding. Andrei talked about the conflict with Apple, about the upcoming release of the marketing platform and its cool features.
I remember a question from the audience: “Why do you not give us a token for the backend?”. Then I became animated. But the answer disappointed both me and the author of the question: “We have different ways of communication between servers, let's discuss it after the performance”. From the hall someone grunted displeasure: "Games on the sidelines."
Total: I learned that 60% of VK users use the service through mobile applications.
Presentation: www.slideshare.net/elegion/mbltdev
4. Ilya Slavutin, a representative of Intel, began to talk about their new mobile cross-platform framework INDE. At the very beginning of the speech, the phrase “INDE seamlessly integrates into our favorite IDE: Android studio, Eclipse and Microsoft Visual Studio” was heard. Everything. Conclusions made.
Examples (as stated in the title of the report) as such did not show. The speaker was more like a marketer than a technician. Yes, he talked about how the framework works, about C ++ piping over the native frameworks of each of the mobile platforms (iOS, Windows Phone, Android), even told about some features (for example, working with video, hardware sensors, etc. .), but iOS code examples were on ObjC.
I wrote a tweet:
To which I received the answer:
All the same, the code is different. To use this framework yet would not. The presentation was not told about those APIs that would not exist in the iOS version.
Total: I learned about Intel's attempt to create a cross-platform C ++ development tool for all platforms. But in the examples ObjC.
Presentation: www.slideshare.net/elegion/mbltdev-intel-inde
5. The next on the Digital October stage in costume and rays of spotlights was our Dmitry Tarasov (Tinkoff Bank).
The audience met him standing up, and the entire female audience looked at our mobile architect with loving eyes. Dima was great. I am sure, energetic, told about the experience of TKS.
Total: All good. By the way, before asking a question to Dmitry, a friend from the audience praised our mobile bank. Nicely. They looked at each other with the manager and broke into a smile.
Presentation: www.slideshare.net/elegion/mbltdev-40959775
6. Yury Buyanov, the Odnoklassniki developer, followed the stage. The host of the event could not resist and pinned up the hero: “Now we will learn how the application is made, which is used by our grandparents.”
I was pleasantly surprised by the performance. Yura cheerfully and confidently, with pauses, as it should, told not only what MVVM is, but also pointed out errors, cited examples with code. Visually and clearly. I started with a reminder of what standard MVC is. Turned on the first slide, and there is a photograph of a squirrel. Yuri explained the squirrel with the fact that he was simply too lazy to do a slide for MVC.
He then told MVVM that ModelView should not know anything about View, and told how this covenant is usually broken. This can be avoided with the help of the “router” pattern. The router object contains all the information about navigation between screens and navigation.
The correct behavior of the MVVM pattern, according to Yuri, is best achieved with the help of the ReactiveCocoa itself. That is, when using the signal mechanism (when objects subscribe to changes in the properties of other objects). Everywhere this ReactiveCocoa ...
At the end of the speech, the moderator commented: “It's nice to know that they know how to program in Odnoklassniki.”
Total: Yura shared the MVVM implementation errors, which I observe in my projects. There was a desire to fix it. Another desire was to try RAC.
Presentation: www.slideshare.net/elegion/mbltdev-mvvm
7. A man in a costume came out on stage (already the second in a day). He talked about security. It was Andrei Belenko (viaForensics). I immediately took a piece of paper in my mind and began to draw up a check list as he spoke.
Andrei gave examples of using NSUserDefaults as a storage for passwords (as the Moscow Parking application does). And shared a bunch of cool bugs. For example, storing private data in bare CoreData. Showed how easy it is to get user data in this case. We have all the check-list well. Private data is encrypted by an algorithm (standard) not invented by us, the encryption key is changed dynamically, if the passwords are stored in the cache, and the server addresses for testing are not included in the release build, they are cut at compile time.
Andrew suggested obfustsirovat code, talking about the features of the language ObjC. Indeed, all selectors can be seen. But it is dangerous in the case when, having connected with the debugger to the application, there is an opportunity to call a method that will return something secret to us. In Tinkoff Wallet I have no such methods. (In the example there was a method that returned a static database encryption key).
Total: we are fine. The recommendation is to use whenever possible TLS instead of SSL (certificate at the back).
Presentation: www.slideshare.net/elegion/7-mbltru
8. About the features of codesign told Ruslan Humenny (e-Legion).
The topic seemed relevant for complex CI, but for us it seemed to me that it was not of particular importance. Ruslan talked about how to sign the code and verify the signature manually. It was useful to know that there is a plugin for QuickLook that displays information about ipa-shnik. It will be necessary to download.
Total: you will need to download a convenient plugin to view ipa signature information.
Presentation: www.slideshare.net/elegion/8-codesign-for-i-os-final
9. Then Alexey Korovyansky (Mb-Lock) came out with a report on automatic testing for Android. A little listened to the report. In it, Alex told about testing tools for Android.
Total: it is very difficult to write tests, but it is possible and, probably, necessary.
10. I returned to the audience to the beginning of the speech of Ruslan Shevchuk from Aviasales.ru. Ruslan talked about Core Data. About what it is and how to use it.
In principle, the speech was similar to the Russian voice acting of the WWDC presentation. The part about iCloud was interesting, that Core Data allows you to implicitly authorize the user and, in fact, store data in the cloud. Not sure if this is suitable for our projects.
Total: Ruslan reminded everyone how to use Core Data and mentioned that you can also store this data in the cloud.
Presentation: www.slideshare.net/elegion/10-aviasales-final
11. Suddenly a man in slippers, who was sitting on the floor next to me, got up and went to the stage. It was Alexander Cherny (Indie-developer).
And he told about trilateration with the help of iBeacon. He pointedly scattered around the hall 3 beacons and walked, determined his location using an iOS application. Of course, along the way listing all the characteristics of devices, difficulties, details of calculations. His performance was very interesting due to his own charisma, and I listened to the end.
Total: Alexander told all about iBeacon, about use, with examples where it might come in handy.
Presentation: chernyy.ru/yapse/upload/trilateration-with-ibeacons.pdf
12. After a couple of Google representatives appeared - Dmitry Nefedkin and Natalia Yefimtseva. They talked about their Google Cloud platform.
For example, they said that Google servers around the world are directly connected by wires, which significantly speeds up the exchange of data between servers, and server maintenance is completely invisible, that is, there is no downtime for users. Creating back-ups for mobile clients, it is possible to generate classes that will be responsible for communication with the back-end. On the question of how they are better than Asure, they answered that "The devil is in the details."
Total: cool service, but there is a danger of strongly tied to the platform, from which then in case of anything it will be difficult to leave.
Presentation: www.slideshare.net/elegion/mbltdev-backend-google-cloud-google
13. Next was the Realm, about which Brian Münholm spoke.
As I understand it, this is a cross-platform Core Data, written in C ++, that works well, ooooochen quickly and has a very simple API (similar to Core Data, but with initialization hidden inside the stack).
Judging by the benchmarks, everything is very cool there. Need to try.
Total: it is necessary to try and evaluate already in practice. The presentation is promising.
Presentation: www.slideshare.net/elegion/mbltdev-41144735
14. Ilya Ryzhenkov told about the new language from JetBrains.
In short, JetBrains plan to release a new language - Kotlin. It looks like all the "languages of the future." Very similar to Scala and Swift. Now in Android studio you can code on Scala, which is not bad.
Ilya also talked about Google’s partnership intentions to use this language. So, I think, everything will turn out at JetBrains, and in a couple of years you can safely switch to Kotlin.
Total: Swift for Android. Ta-dam.
Presentation: www.slideshare.net/elegion/mbltdev-40960224
15. In an attempt to overcome his wild desire to start dancing, Andy Carvel, a representative of Soundcloud, stepped onto the stage.
He was constantly twitching from a surplus of emotions. Talked about how Soundcloud reworked the iOS client and used for this, again, ReactiveCocoa. In this application suffered falls. But with the help of an array of Mac mini and heaps of tests for half a year, they reduced the number of crashes to 10 per week. Well, not a bad result.
Total: damn, well, just need to try ReactiveCocoa.
Presentation: www.slideshare.net/elegion/mbltdev-ios-soundcloud
I did not listen to the next two reports.
Here are the reports that I missed:
16. Development of first-class SDK for Android. Ty Smith, Twitter.
Presentation: www.slideshare.net/elegion/mbltdev-sdk-android-twitter
17. How not to become a hostage of one platform. Alexey Panfilov. Parallels.
Presentation: www.slideshare.net/elegion/mbltdev-parallels
Thank you for reading. Many thanks to e-Legion for the photos and links to the presentations, and for the event, of course.
Until.
Source: https://habr.com/ru/post/242815/
All Articles